| Package | libssh2 |
|---|---|
| Version | 1.4.2-1.1+deb7u4 |
| Related CVEs | CVE-2019-3859 |
This regression update follows up on an upstream regression update [1] regarding CVE-2019-3859.
With the previous libssh2 package revision, it was observed that user authentication with private/public key pairs would fail under certain circumstances.
[1] https://github.com/libssh2/libssh2/pull/327
For Debian 7 Wheezy, these problems have been fixed in version 1.4.2-1.1+deb7u4.
We recommend that you upgrade your libssh2 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.